On Mon, Jun 01, 2009, Matt Harrington wrote: ...
I should have been more precise in my original post. After a second read, I see that it sounds like I was asking for policy advice. Actually, what I meant to ask was: is it expected behavior that "lchsh" fails for LDAP users? If so, what are my choices for allowing users to change their shells? I can open up the permissions on /etc/default/useradd, but maybe there's a better way. I need this capability.
"chsh" works for local users, so it's not that CentOS takes a stand against users changing their shells.
I think it was chsh that had a major security problem a while back that would permit users to change their uid to "0" with the expected bad results. I ran into this on a SuSE system where chsh was called from usermin.
Bill